A Security Situational Awareness System Based on Industrial Control Network Traffic

An industrial control network and security posture technology, applied in transmission systems, electrical components, etc., can solve problems such as difficulty in dealing with unknown abnormal data, fluctuating test result reliability, and difficulty in updating, so as to improve data availability and retrieval speed, and reduce data loss. Storage and index burden, effect of reducing write pressure

Active Publication Date: 2021-04-13
TSINGHUA UNIV
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] (1) Low performance: It is difficult to forward, store and query ultra-large-scale industrial control network traffic data, and the system throughput and performance are extremely low;
[0005] (2) Inaccurate: The reliability of the test results fluctuates, making it difficult to deal with unknown abnormal data, which leads to a decrease in the accuracy of the test results;
[0006] (3) Difficult to update: The industrial control environment is a constantly evolving environment. The existing perception system cannot perform abnormal detection and self-update based on the existing detection results, and the customizable configuration items are insufficient.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Security Situational Awareness System Based on Industrial Control Network Traffic
  • A Security Situational Awareness System Based on Industrial Control Network Traffic
  • A Security Situational Awareness System Based on Industrial Control Network Traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to understand the above objects, features and advantages of the present invention more clearly, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be noted that the embodiments of the present invention and the features of the embodiments may be combined with each other under the condition of no conflict.

[0039] like figure 1 As shown, this embodiment provides a security situational awareness system based on industrial control network traffic, including: an industrial control network traffic collection module 10, a network traffic proxy forwarding module 20, a traffic data storage module 30, an anomaly detection module 40, and a configuration management module 50. The security situation visualization module 60 and the modeling and algorithm updating module 70, wherein:

[0040] The industrial control network traffic collection module 10 is used to collect, parse and s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a security situation awareness system based on industrial control network traffic, which is characterized in that the security situation awareness system includes: an industrial control network traffic collection module (10), a network traffic proxy forwarding module (20), and a traffic data storage module (30), abnormal detection module (40), configuration management module (50), security situation visualization module (60), modeling and algorithm update module (70); the security situation awareness system is conducive to improving the abnormal detection of industrial control network traffic Efficiency and accuracy, improved system availability and scalability.

Description

technical field [0001] The invention relates to a technology of industrial network security situation awareness, in particular to a security situation awareness system based on industrial control network traffic. Background technique [0002] There are various types of industrial control network data, and the amount of data is huge. There are various types of industrial equipment, host computers, controllers and other communication traffic in the network, forming a large amount of redundant data, it is difficult to mine key traffic, and it also has a great impact on the performance of the system. Since most of the data available in the industrial control network is normal data, there is only a very small amount of abnormal data, and there is a serious data imbalance problem. The existing machine learning or deep learning anomaly detection technology is difficult to apply in industrial networks. [0003] In the prior art, the existing network traffic is often modeled. However...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1425H04L67/56H04L67/568
Inventor 赵曦滨崔浩高跃
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap